6 Secure Email Providers You Need To Know About

Let’s get this out of the way: if you’re using a big-name provider for your email, it is definitely not secure email.

Email was established out of convenience. Back in the early days of the internet, when newsgroups and public forums were the primary methods of online communication, email was the perfect tool for moving a discussion to a more private place. Secure email, however, was hardly given a second thought. In fact, it’s about as secure as sending private information as a postcard.

Perhaps it’s because no one anticipated that electronic mail would live so long. It originated about the same time as ARPANET, after all, and with an ever-growing list of ~futuristic~ communication methods we’ve established since the late ‘70s, it’s a practical notion.

Yet, here we are in the middle of 2016, many of us juggling multiple email address in addition to our tweets, texts, and whatever notification’s been buzzing you on your smartwatch. And you know what? The companies who hold our email are exploiting it for all it’s worth.

There are really only three groups out there that want to gain access to your emails and the contents within them: cyber criminals, email providers, and government agencies. The cyber criminals, whether they’re hackers, identity thieves, spammers, or something else, are all trying to make a quick buck off your personal details. Meanwhile, government agencies like the NSA and GCHQ are getting real Orwellian in their mass surveillance techniques. Then, of course, we have our email providers. Don’t you find it interesting that the companies most oft-trusted with our email generate the majority of their revenue through advertising? Providers including Yahoo and Gmail scan the contents of our email for keywords to help determine what kind of advertisements to serve us.

As you can see, they’re pretty tough opponents to defend your emails from, but what is worse is that you can’t protect data from one and not the others. If you’re using Gmail, for example, then the FBI already has access to your emails. And with the FBI’s persistent demanding for backdoor access to user communications, a cyber criminal could exploit that backdoor for their own needs.

Do you see how this is all connected?

It got us thinking: what email providers — secure email providers — should we all be using? An email was sent out to our internal team asking: What is your favorite secure email service and why? Now with our results, here’s what we’ve got:

Secure Email Type: Encrypted Services

By and far, ProtonMail was recommended by nearly every IPVanish employee who responded to the mass email, and with very good reason. Providing BOTH free and premium email accounts, ProtonMail provides their user base with end-to-end (to-end) email encryption. With a suite of security tools at your disposal, including two-factor authentication and self-destructing message protections, it’s easy to see why this was at the top of everyone’s list. The Swiss-based company wants to provide as much anonymity as possible to ProtonMail users. The one overlooked feature that stood out most prominently to us was their zero user logs policy.

“Unlike competing services, we do not save any tracking information. By default, we do not record metadata such as the IP addresses used to log into accounts. As we have no way to read encrypted emails, we do not serve targeted advertisements. To protect user privacy, ProtonMail does not require any personally identifiable information to register.”

Another secure email provider we were recommended was Tutanota. The name “Tutanota” comes from Latin by combining the words “tuta” and “nota” which mean “secure” and “message.” Based in Germany, this provider — like ProtonMail — also offers encrypted secure email for free. Using open source encryption, Tutanota scrambles the contents of emails sent and received through the mail provider. Even if a message is not sent in an encrypted manner, the “Sent” record is encrypted while it is stored on Tutanota servers.

One of the more premium players in the secure email space is Hushmail. Recommended most by members of our executive team, Hushmail has the industry-standard encryption that the previously mentioned providers also offer; the true differences with Hushmail lay in usability. Hushmail can be integrated with (nearly) any mailbox app in the market. And with a whopping 10GB of storage and an unlimited number of email aliases, Hushmail definitely delivers when it comes to add-ons.

Another premium provider, Posteo offers the most all-around ethical and friendly secure email service. The German-based company prides itself on its sustainability, touting everything from office employees commuting to work via bicycle to using Greenpeace Energy electricity, and even server hardware made with as little toxic material as possible. Offering encrypted calendars and address books in addition to their encrypted email, Posteo is a wonderful, cost-effective solution for anyone looking to encrypt their entire mail suite.

Secure Email Type: Temporary Services

A different approach to maintaining secure email can be taken by being selective about who receives your email address. Think of the mass number of websites and apps that gate your access with an email address. Most of those websites probably aren’t taking much database security in mind. It just takes the right hack for your email address to be blacklisted. Do you wanna do that? No.

Mailinator is, for lack of a better phrase, a burner email. As a burner, you pick an email address you’d like to have at practically any domain. Then, when the next shopping site or the next emoji app requests your email address, give them the Mailinator email. It’ll come into the public mailbox where you can accept whatever nonsense email confirmation you need, and presto! You’ve gained access to what you need without endangering your real email address.

Another temporary email service, Maildrop is here to save your inbox from spam. Use MailDrop when you don’t want to give out your real address to third parties. Just give someone any e-mail address in the maildrop.cc domain, put in the e-mail address, and boom — you can see that inbox. There’s no signups, no passwords, and no registration to keep you from that ‘signup verification’ email you have to confirm. While the messages themselves are not encrypted (and it’s a receive-only inbox) the personal security that this service provides your private email inbox is invaluable. Remember, Maildrop and the free versions of Mailinator are publicemail inboxes, so make sure nothing confidential is going there.

Secure email is only scratching the surface when it comes to protecting your personal data online. Using a reliable VPN like IPVanish will encrypt your entire internet connection in real-time so that no matter what you’re doing over the web, you can rest assured that your activity is anonymous.